Chapter 9 Pluggable Authentication Modules

Almost every enterprise application requires services such as authentication, logging,
persistence, and security. In most applications, each service is either developed by the
application developer, is reused after customizing the offerings provided by different
vendors, or is implemented by leveraging the frameworks provided by the operating
system.

Applications developed using a framework are interoperable with open standards. Usually, a
framework provided by the operating system ensures conformance with the standards,
maintainability, and upgradability as well as availability across multiple platforms at lower
cost. A framework allows you to develop a structured, compliant application that is portable,
maintainable, and upgradable with changing business rules and compliance requirements.

If your application uses a framework provided by the operating system, for example, a
security framework,instead of having a custom-built implementation, a file-system framework, a
cryptographic framework, or a hot-plug framework, migration from one platform to another
becomes simple. Most frameworks available on UNIX systems are available on Oracle Linux and
maintain similar, if not identical, interfaces.

This chapter is intended for developers of system-entry applications that provide
authentication, account management, session management, and password management through
Pluggable Authentication Modules (PAM). It describes differences in implementation and points
that you should consider when migrating an application to Oracle Linux.